diff options
author | Matt Johnston <matt@ucc.asn.au> | 2022-11-10 17:10:16 +0800 |
---|---|---|
committer | Matt Johnston <matt@ucc.asn.au> | 2022-11-10 17:10:16 +0800 |
commit | cda8070898858b9000e6671a16b0da9d24888343 (patch) | |
tree | f71c1d767c218202cf37d9211eb45169dc9d47c5 | |
parent | b5e941c0b13a4de10e3efdede8d44ec197aea04a (diff) | |
download | dropbear-cda8070898858b9000e6671a16b0da9d24888343.tar.gz |
Remove hmac-md5 entirely
-rw-r--r-- | INSTALL | 2 | ||||
-rw-r--r-- | common-algo.c | 7 | ||||
-rw-r--r-- | crypto_desc.c | 3 | ||||
-rw-r--r-- | libtomcrypt/src/headers/tomcrypt_dropbear.h | 4 | ||||
-rw-r--r-- | sysoptions.h | 7 |
5 files changed, 1 insertions, 22 deletions
@@ -58,7 +58,7 @@ Compiling for uClibc should be the same as normal, just set CC to the magic uClibc toolchain compiler (ie export CC=i386-uclibc-gcc or whatever). You can use "make STATIC=1" to make statically linked binaries, and it is advisable to strip the binaries too. If you're looking to make a small binary, -you should remove unneeded ciphers and MD5, by editing localoptions.h +you should remove unneeded ciphers and algorithms, by editing localoptions.h It is possible to compile zlib in, by copying zlib.h and zconf.h into a subdirectory (ie zlibincludes), and diff --git a/common-algo.c b/common-algo.c index 7564df8..378f0ca 100644 --- a/common-algo.c +++ b/common-algo.c @@ -114,10 +114,6 @@ static const struct dropbear_hash dropbear_sha2_256 = static const struct dropbear_hash dropbear_sha2_512 = {&sha512_desc, 64, 64}; #endif -#if DROPBEAR_MD5_HMAC -static const struct dropbear_hash dropbear_md5 = - {&md5_desc, 16, 16}; -#endif const struct dropbear_hash dropbear_nohash = {NULL, 16, 0}; /* used initially */ @@ -186,9 +182,6 @@ algo_type sshhashes[] = { #if DROPBEAR_SHA2_512_HMAC {"hmac-sha2-512", 0, &dropbear_sha2_512, 1, NULL}, #endif -#if DROPBEAR_MD5_HMAC - {"hmac-md5", 0, (void*)&dropbear_md5, 1, NULL}, -#endif {NULL, 0, NULL, 0, NULL} }; diff --git a/crypto_desc.c b/crypto_desc.c index 5e0e960..d0dcc82 100644 --- a/crypto_desc.c +++ b/crypto_desc.c @@ -34,9 +34,6 @@ void crypto_init() { #if DROPBEAR_SHA1_HMAC &sha1_desc, #endif -#if DROPBEAR_MD5_HMAC - &md5_desc, -#endif #if DROPBEAR_SHA256 &sha256_desc, #endif diff --git a/libtomcrypt/src/headers/tomcrypt_dropbear.h b/libtomcrypt/src/headers/tomcrypt_dropbear.h index 46e84fb..e8e933e 100644 --- a/libtomcrypt/src/headers/tomcrypt_dropbear.h +++ b/libtomcrypt/src/headers/tomcrypt_dropbear.h @@ -54,10 +54,6 @@ #define LTC_SHA1 #endif -#if DROPBEAR_MD5 -#define LTC_MD5 -#endif - /* ECC */ #if DROPBEAR_ECC #define LTC_MECC diff --git a/sysoptions.h b/sysoptions.h index 8313ef9..0efb9bb 100644 --- a/sysoptions.h +++ b/sysoptions.h @@ -111,7 +111,6 @@ #define SHA1_HASH_SIZE 20 #define SHA256_HASH_SIZE 32 -#define MD5_HASH_SIZE 16 #define MAX_HASH_SIZE 64 /* sha512 */ #if DROPBEAR_CHACHA20POLY1305 @@ -134,11 +133,6 @@ #define DROPBEAR_SHA2_512_HMAC 0 #endif -/* might be needed for compatibility with very old implementations */ -#ifndef DROPBEAR_MD5_HMAC -#define DROPBEAR_MD5_HMAC 0 -#endif - #define DROPBEAR_ECC ((DROPBEAR_ECDH) || (DROPBEAR_ECDSA)) /* Debian doesn't define this in system headers */ @@ -184,7 +178,6 @@ #define DROPBEAR_SHA512 ((DROPBEAR_SHA2_512_HMAC) || (DROPBEAR_ECC_521) \ || (DROPBEAR_SHA384) || (DROPBEAR_DH_GROUP16) \ || (DROPBEAR_ED25519)) -#define DROPBEAR_MD5 (DROPBEAR_MD5_HMAC) #define DROPBEAR_DH_GROUP14 ((DROPBEAR_DH_GROUP14_SHA256) || (DROPBEAR_DH_GROUP14_SHA1)) |